Limit concurrent sessions

Limit concurrent sessions

Limit concurrent sessions

You can limit the number of concurrent interactive sessions for a user or role on an
instance across all nodes.

Concurrent interactive sessions refer to the number of sessions a user can have active per ServiceNow instance. An active instance
session occurs with every new login to a specific ServiceNow instance. By default, there
are no limitations on the number of active instance sessions a user can have.

With the Jakarta release, you can limit the number of active concurrent sessions per user. When
the user logs in after hitting the maximum number of sessions active, the oldest active
session terminates and a new interactive session becomes active. If a user tries to access a
closed session through a browser, the user is redirected to the login page.

Note: The
Limit concurrent sessions plugin must be active to enable a maximum
session limit. Limits are set through the
glide.authenticate.max.concurrent.interactive.sessions property. A maximum limit value
applies to any user or role that has the limit property active. For the Jakarta release,
this feature does not support sessions created through the native mobile app or
non-interactive mechanisms.

Since the user has a maximum concurrent session limit of 1, the S1 session invalidates
when S2 is created.

When the user goes back through Chrome to access the S1 ServiceNow instance, the user is
redirected to the login page as S1 is invalid.

Concurrent session limits work with all the ServiceNow authentication mechanisms:
SAML, LDAP, and local database authentication. It also works with Multi-factor authentication
and all interactive ServiceNow
authentication mechanisms. The source of the session is viewable through the
sys_user_session table, under the column Type.
The values can be: